On 23.08.2013 15:38, Peter Maydell wrote:
> This patchset addresses a concern that came up with Andreas' recent
> patches for using embedded objects in some of the ARM CPU devices:
> object_initialize() doesn't check that there's actually enough space
> for the type being added, so if you have:
>
> struct MyDevice {
>     ...
>     SomeObject obj;
> };
>
> object_initialize(&mydev->obj, "some-object");
>
> then there's no compile time or runtime check that SomeObject
> is really big enough for the "some-object" object -- if the
> implementation is changed later then there will be silent
> memory corruption.
>
> These patches make object_initialize() a macro which can then
> use sizeof(*PTR) to pass the size into the implementation to
> be checked.

Based on your comment I was already preparing a patch to add an explicit
size argument - there are only 33 users in qemu.git, and it would cover
qbus_create_inplace() and other indirect users as well.

> The virtio patch is worth applying anyway -- it removes some
> pointless casts which would otherwise have caused false
> positives.

Agreed. We shouldn't cast objects before they're initialized. That
OBJECT() is a no-op today I would consider an implementation detail.

Regards,
Andreas

> Disclaimer: I've eyeballed all the uses of object_initialize()
> but I haven't necessarily tested them all.
>
> Peter Maydell (2):
>   virtio: Remove unnecessary OBJECT casts
>   qom: Make object_initialize and object_initialize_with_type check
>     size
>
>  hw/core/qdev.c             |  2 +-
>  hw/s390x/s390-virtio-bus.c | 12 ++++++------
>  hw/s390x/virtio-ccw.c      | 14 +++++++-------
>  hw/virtio/virtio-pci.c     | 16 ++++++++--------
>  include/qom/object.h       | 36 ++++++++++++++++++++++++++++++++++--
>  qom/object.c               |  9 +++++----
>  6 files changed, 61 insertions(+), 28 deletions(-)

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
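As an added illustration (not code from the patchset or from QEMU), a minimal stand-alone model of the check discussed above: an implementation that takes the caller's buffer size explicitly, as Andreas proposes, wrapped by a macro that captures sizeof(*PTR) at the call site, as Peter's patches do. The type table, type names and struct layouts are constructed for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Constructed stand-in for a QOM type table (not QEMU's code): each type
 * records how many bytes one instance occupies. */
typedef struct { const char *name; size_t instance_size; } TypeInfo;
typedef struct { int a; } SmallObject;
typedef struct { int a; char payload[64]; } BigObject;

static const TypeInfo type_table[] = {
    { "small-object", sizeof(SmallObject) },
    { "big-object",   sizeof(BigObject) },
};

static const TypeInfo *type_lookup(const char *name)
{
    for (size_t i = 0; i < sizeof(type_table) / sizeof(type_table[0]); i++)
        if (strcmp(type_table[i].name, name) == 0)
            return &type_table[i];
    return NULL;
}

/* The implementation takes the caller's buffer size explicitly and refuses
 * to initialize a type that does not fit, instead of writing past the end
 * of the embedding struct. Returns true on success. */
static bool object_initialize_checked(void *obj, size_t size, const char *type)
{
    const TypeInfo *ti = type_lookup(type);
    if (ti == NULL || size < ti->instance_size)
        return false;
    memset(obj, 0, ti->instance_size);
    return true;
}

/* Macro wrapper: sizeof(*(obj)) is evaluated at the call site, so the check
 * tracks the embedding struct's declaration automatically. */
#define object_initialize(obj, type) \
    object_initialize_checked((obj), sizeof(*(obj)), (type))

typedef struct { int id; SmallObject obj; } MyDevice;  /* room for SmallObject only */

/* The embedded field fits "small-object": initialization succeeds (true). */
bool demo_fits(void) { MyDevice dev; return object_initialize(&dev.obj, "small-object"); }

/* The cover letter's hazard: the type behind the name has outgrown the field.
 * The size check reports the mismatch (false) instead of corrupting dev. */
bool demo_does_not_fit(void) { MyDevice dev; return object_initialize(&dev.obj, "big-object"); }
```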